Firewall

A firewall is a network security device that monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a defined set of security rules. A firewall typically establishes a barrier between a trusted network and an untrusted network, such as the Internet. The application offers stateful firewall with support for IPv4 and IPv6 and live view on blocked or passed traffic.

Virtual Private Networking (VPN)

A virtual private network, or VPN, is an encrypted connection over the Internet from a device to a network. The encrypted connection helps ensure that sensitive data is safely transmitted. It prevents unauthorized people from eavesdropping on the traffic and allows the user to conduct work remotely. Integrated support for IPsec (including route based), OpenVPN as well as pluggable support for Tinc (full mesh VPN) and WireGuard.

Hardware Failover

Hardware Failover allows a second unit to function in an idle role and act as a backup device. When you cannot afford downtime use our automatic and seamless hardware failover with state synchronization utilizing the common address redundancy protocol (CARP) to get the highest possible availability.

Intrusion Detection & Prevention

An intrusion detection and prevention system (IDPS) is a network monitoring strategy that works by both passively monitoring traffic and actively blocking suspicious or malicious behavior once it is flagged. Get rid of the Trojans & CNC bots with state of the art inline prevention utilizing Suricata and Proofpoint's Emerging Threats Open rules integrated. Optional ET PRO (commercial subscription) or ET PRO Telemetry.

Web Filtering

Web filtering is a technology stops users from viewing certain URLs or websites by preventing their browsers from loading pages from these sites. Fully integrated web proxy with access control and support for external blacklists to filter unwanted traffic. Other options include firewall aliases and DNS blacklisting. Block ads with ease!

Multi & SD WAN

In its simplest form, a wide-area network (WAN) is a collection of local-area networks (LANs) or other networks that communicate with one another. SD wide-area network (WAN) is software-defined. Multi WAN capable including load balancing and failover support. For easy setup, configuration and monitoring the ZeroTier plugin can be used to setup your Software Defined WAN within minutes.

Two Factor Authentication

Multi-factor authentication is an electronic authentication method in which a user is granted access to a website or application only after successfully presenting two or more pieces of evidence to an authentication mechanism. 2FA is supported throughout the system, for both the user interface and services such as VPN.

Firewall
& Routing
Software

OPNsense is an easy-to-use open source firewall and routing platform. Based on FreeBSD, OPNsense combines the rich functionality that is otherwise known only from commercial firewalls, with the benefits of open and verifiable sources. Secure your network with our server systems optimized for OPNsense, all without any licensing fees! It's a case of more security for less cost.